Function report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:kernel\bpf\verifier.c Create Date:2022-07-28 13:02:27
Last Modify:2022-05-19 20:02:10 Copyright©Brick
home page Tree
Annotation kernel can get tool activityDownload SCCTChinese

Name:-recursive depth-first-search to detect loops in BPF program* loop == back-edge in directed graph

Proto:static int check_cfg(struct bpf_verifier_env *env)

Type:int

Parameter:

TypeParameterName
struct bpf_verifier_env *env
6538  insns = insnsi
6539  insn_cnt = Number of filter blocks
6541  ret = 0
6544  insn_state = insn_state = kvcalloc(insn_cnt, sizeof(int), GFP_KERNEL)
6545  If Not insn_state Then Return -ENOMEM
6548  insn_stack = insn_stack = kvcalloc(insn_cnt, sizeof(int), GFP_KERNEL)
6549  If Not insn_stack Then
6550  kvfree(insn_state)
6551  Return -ENOMEM
6554  insn_state[0] = DISCOVERED
6555  insn_stack[0] = 0
6556  cur_stack = 1
6558  peek_stack :
6559  If cur_stack == 0 Then Go to check_state
6561  t = insn_stack[cur_stack - 1]
6563  If Instruction classes ( opcode ) == BPF_JMP || Instruction classes ( opcode ) == jmp mode in word width Then
6565  opcode = alu/jmp fields ( opcode )
6567  If opcode == unction return Then
6568  Go to mark_explored
6569  Else if opcode == unction call Then
6571  If ret == 1 Then Go to peek_stack
6573  Else if ret < 0 Then Go to err_free
6575  If t + 1 < insn_cnt Then init_explored_state(env, t + 1)
6581  If ret == 1 Then Go to peek_stack
6583  Else if ret < 0 Then Go to err_free
6586  Else if opcode == BPF_JA Then
6587  If BPF_SRC( opcode ) != BPF_K Then
6588  ret = -EINVAL
6589  Go to err_free
6594  If ret == 1 Then Go to peek_stack
6596  Else if ret < 0 Then Go to err_free
6606  If t + 1 < insn_cnt Then init_explored_state(env, t + 1)
6608  Else
6612  If ret == 1 Then Go to peek_stack
6614  Else if ret < 0 Then Go to err_free
6618  If ret == 1 Then Go to peek_stack
6620  Else if ret < 0 Then Go to err_free
6623  Else
6627  ret = , w, e - match pseudo-code above:
6628  If ret == 1 Then Go to peek_stack
6630  Else if ret < 0 Then Go to err_free
6634  mark_explored :
6635  insn_state[t] = EXPLORED
6636  If cur_stack-- <= 0 Then
6637  verbose(env, "pop stack internal bug\n")
6638  ret = -EFAULT
6639  Go to err_free
6641  Go to peek_stack
6643  check_state :
6644  When i < insn_cnt cycle
6645  If insn_state[i] != EXPLORED Then
6646  verbose(env, "unreachable insn %d\n", i)
6647  ret = -EINVAL
6648  Go to err_free
6651  ret = 0
6653  err_free :
6654  kvfree(insn_state)
6655  kvfree(insn_stack)
6656  insn_state = insn_stack = NULL
6657  Return ret
Caller
NameDescribe
bpf_check